Re: An idea for keysigning (related to Breaking Cliques at Events)
On 12/17/2017 06:24 PM, Daniel Kahn Gillmor wrote: > Hi Elena-- > > On Sun 2017-12-17 11:19:28 +0100, Elena ``of Valhalla'' wrote: >> Of course it should start with the usual Reading of the Hash etc., then >> people would split in small groups¹ (6 people?) and have 20 minutes to >> do the ID Dance, but most importantly introduce themselves and talk to >> each other a bit. After 20 minutes new groups should be formed, and the >> same repeated. > > we did this at some previous debconf (i forget which one) I believe it was in Portland. I enjoyed it. Cheers, Thomas Goirand (zigo)
Re: Suggestions, questions and concerns about DebConf19?
On 08/11/2018 03:45 AM, Yao Wei wrote: > Hi, > > Please, if possible, keep your funding source simple and don't sell data > to the government like we did this time. > > I feel tremendously sorry handling this issue. > > Yao Wei Hi, You really don't need to. Other people would have just sent out all the info without telling anyone, and you handled it correctly. I personally don't care too much if my initials and country name are given out to a government who anyways takes my fingerprint when I get in. This makes me by the way think that giving out initials is the same as giving out full passport info, as they can easily cross-compile the dbs. But should I care? Attending Debconf is *ANWAY* a public thing: faces can be seen on camera and so on (even if you don't give any talk). Thanks for all the work you've done, Cheers, Thomas Goirand (zigo)
Re: Suggestions, questions and concerns about DebConf19?
On 08/11/2018 05:00 PM, Wouter Verhelst wrote: > On 08/11/2018 11:44 AM, John Paul Adrian Glaubitz wrote: >> So you're saying that taking care of each other is not important for >> Debian? Got it. > > It would be useful if you stopped coming up with extreme hyperbolic > examples and then accusing the people who don't agree with you of > something ethically unjust. It's not helpful, nor constructive. Idiot-proof reading: my point was to say the organizers are not liable. It is, of course, desired if we can help of each other. But you're not an idiot: you just decided it was ok to distort my words and draw false conclusions with it. I very much agree with Wouter here, as always you're being over aggressive, uselessly accusative. On top of that, when being told that you've crossed the line, you're just evasive. This is *not* an acceptable way to communicate on public lists. Thomas Goirand (zigo)
Re: Get your free Yubikey sponsored by Infomaniak (available for free for any DD and DM)
Forgot "Yubikey" in the subject line ... :) Cheers, Thomas Goirand (zigo)
Re: Get your free Yubikey sponsored by Infomaniak (available for free for any DD and DM)
On 04/15/2018 07:43 AM, YunQiang Su wrote: > On Sun, Apr 15, 2018 at 5:09 AM, Thomas Goirand <z...@debian.org> wrote: >> Forgot "Yubikey" in the subject line ... :) > > How many bits does it support? The keys support storing 3 4096 bits subkeys, for auth, encryption and signing. You're not supposed to store your master key in the Yubikey, instead you'd just save the master key far away in a safe place. The only issue is that then, you can't exchange key signature only using the Yubikey, but I guess that's fine. At Infomaniak, we have a master key without expiration, and the 3 subkeys expire within 365 days, and are renewed every year. You can also use a GPG derived ssh key, which is what we use for the every day auth to servers. Typing "ssh-add -L" shows the private part of the ssh key, and the gpg-agent then takes care of the auth. I also use that ssh key for login into Debian servers (and for the Git in Salsa). Knowing that my laptop doesn't hold any ssh or gpg key is nice. When I leave my desk, I just lock my desktop the normal way, remove the Yubikey and go. The Yubikey is a way smaller to carry than my laptop... :P Cheers, Thomas Goirand (zigo)
Re: Get your free Yubikey sponsored by Infomaniak (available for free for any DD and DM)
On 04/16/2018 03:09 AM, Daniel Kahn Gillmor wrote: > On Sun 2018-04-15 15:49:09 +0200, Thomas Goirand wrote: >> The keys support storing 3 4096 bits subkeys, for auth, encryption and >> signing. You're not supposed to store your master key in the Yubikey, >> instead you'd just save the master key far away in a safe place. The >> only issue is that then, you can't exchange key signature only using the >> Yubikey, but I guess that's fine. >> >> At Infomaniak, we have a master key without expiration, and the 3 >> subkeys expire within 365 days, and are renewed every year. > > how does this work dring the transition phase of encryption subkey > rotation, when you've published your new encryption-capable key (so some > peers have it) but your old encryption-capable key is not yet expired? > > During this stage of a subkey transition, i usually have some new > messages arriving that are encrypted to the old subkey, and others that > are encrypted to the new subkey. If i had put my decryption-capable > subkey on a smartcard with exactly one slot for a decryption key, i > wouldn't be able to decrypt some messages, so the usability seems > problematic. How do you handle it during this transition? Easy: we just make the new subkeys on a new Yubikey, and keep 2 keys for a short time (a month or 2, which is enough for the Debian keymaster to update the keys). That's ok because we have lots of spare Yubikeys. I guess it should be a way more annoying if you don't. After that period, we can still use the old saved .gnupg that we store on an encrypted USB key, together with the private part of the master key. We got to make sure we have access to the private part of the master key to exchange key signature anyways, even if the point of having subkeys is to *not* store it on our laptops. I have to admit I don't really like rotating the subkeys that often, it's annoying, and I'm not so sure if it adds so much security. :/ Cheers, Thomas Goirand (zigo)
Re: Get your free sponsored by Infomaniak (available for free for any DD and DM)
On 04/16/2018 03:05 PM, Samuel Henrique wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > Hello Thomas, > > I'm a DM, currently on the process of becoming a DD, and i would love to > get a Yubikey, they are kinda hard to get here in Brazil. > > Thanks Hi Samuel, Do you know anyone that goes to DC18 that could grab it for you? As the team for DC19 will go, it should be easy to find someone to help, no? While giving out keys is easy, shipping to each and everyone would take a way too much effort, time, and money. Cheers, Thomas Goirand (zigo)
30 Yubikeys sponsored by Infomaniak for Debconf 19 attendees
Dear everyone, As you know, Infomaniak is supporting Debconf 19 as the first platinium sponsor. I'm very proud my company is doing that. But that's not only it. Indeed, like last year, Infomaniak will be giving out some Yubikey where DDs and DMs can store the private part of their GPG subkeys. These yubikeys are white USB A keys, branded with the Infomaniak logo. I'll come with 30 yubikeys. If you want one, *you need to reply* to this email right away now, with a message *signed with your GPG key*. It's going to be on a first ask, first served basis. After I receive 30 requests, I'll close the offer. Please reply to me, not to the list. Of course, those who got a key from last year cannot ask again (unless their 1 year old yubikey is broken or something...). Also, we will *not* send keys by post (this is too much administrative work). So if you do not attend Debconf 19 yourself, or if nobody attending the conference can bring it to you, then I will not be able to give you a Yubikey. I am generally ok with the idea to give Yubikeys to non-DDs or even non-DMs, however, DDs and DMs will have priority (in this order). Last, if you are interested for a session like last year on how to use the Yubikey, I can do such an event during the conference, also explaning how to use the Yubikey to unlock your LUKS partition. Though probably it will be decided at the last minute. If you wish to attend such an event, please also say so in your reply. I'd like to hereby thanks my employer, Infomaniak, for this thing, and the sponsoring of Debconf 19. Hoping to make the Debian GPG ring a safer cipher space, Best regards, Thomas Goirand (zigo) P.S: I'll be in Curitiba for all of debcamp and debconf myself, and you'll be able to ask me for your Yubikey as soon as you see me...
What is included in the hotel?
Hi, I'd like to know, is the hotel providing: - towels - shampoo + soap - toothbrush + paste - anything else? If I can *not* bring the above, that's nice, because I'm used to travel light, and bring only a carry-on. Also, do they offer a laundry service? Cheers, Thomas Goirand (zigo)
Re: Announcing the elephant in the room BOF
On 8/1/19 4:38 AM, Steve McIntyre wrote: > So where does it go from here? > > Lots of project members were not in the small session that we > held. I'm not necessarily convinced that all arguments always need to > be heard, but even if we concede that point I don't think we achieved > that either. Steve, everyone, Even though we didn't have time to listen to everyone, I do believe it was very healthy to be able to share our views. It was done with everyone sharing the need for carefully articulate things. It could have lead to a political discussion, and it nicely didn't. We don't necessarily need to have a collective decision and do something. This session clearly helped me to understand everyone's opinion, and I'm very happy it happened. We can now just let each of us make a personal decision on what to do next year. Cheers, Thomas Goirand (zigo)
Please tag names on the group photo of debconf 19
Hi, I almost forgot that I tagged the group photo with numbers, like I did a few times before. As always, I did some mistake, like multiple times the same number, etc., so just make sure you make it descriptive enough to "fix" the wrong tags. Feel free to tag everyone you know. I quickly did what I could (sorry if there's some spelling mistakes), and didn't even fill all I knew: https://salsa.debian.org/debconf-team/public/share/debconf19/-/blob/master/photos/aigarius/debconf19_group_tagged.md Cheers, Thomas Goirand
Re: DebConf20 registration is now open (with caveats)
On 5/22/20 11:11 AM, Holger Levsen wrote: > On Fri, May 22, 2020 at 12:00:37AM -0500, Gunnar Wolf wrote: >> I believe it's important to get those numbers somehow. Now, the >> registration interface does not provide for anything like that - we >> were preparing a survey in the last couple of days to get a better >> look at said numbers, and we should be sending it out to everybody >> soon; it will be important in the decision process. > > I believe the poll being prepared misses a "we're in a global pandemic, please > cancel this event" option. > > I also believe organizing DebConf as an in person event in August 2020 > is endangering the participants *and* others, and if GRs were not > such a pain (and a big hammer) I were pondering to have one for not > organizing this in Debian's name. > > I'm sorry but this is how I see things currently. +1 I can't help to think about a disaster scenario where 100s of DDs attend the event, get sick, some percents get in life danger, and another percent dies... Cheers, Thomas Goirand (zigo)
Re: Singers wanted.
On 8/27/20 6:38 PM, Ashley J Gittins wrote: > Curious... I'm interested (I'm a tenor), and I might be able to convince > my partner (she's a soprano). > > However we're in Australia, so latency to .de is ~300ms sed s/.de/.ch/ The infrastructure for this year is in Geneva. :) Thomas
Re: Driving from France to Prizren: visa requirements
On 3/21/22 12:33, Wookey wrote: On 2022-03-20 23:03 +0100, Thomas Goirand wrote: I probably will drive from France (next to Geneva) to Prizen, because it may be cheaper and easier this way (compared to fligh + rent a car, and since I'm planning to come with all of my family). Apologies for thread-hijacking, but I was also considering driving (from the UK, with my wife, mostly to have a 2-3 week camper holiday in the area around debconf (and get stuff to Austria for an expedition)), and have a similar question. People with country-specific expertise may be able to answer both visa and covid regs aspects. It's about 9 countries and we are somewhat concerned that every country will have different covid rules and there might be significant risk of getting 'stuck' for a week or 10 days at a border with a failed covid test which would rater spoil the excercise. Obviously these things are subject to change and _might_ have all gone away by mid 2022, but then I thought that about a year ago too... Has anyone (e.g. you Thomas?) looked at the rules for tests and entry etc for any of UK, France, Belgium, Germany, Austria, Slovenia, Croatia, B, Kosovo, Serbia, Albania? Is this actually a bad plan for this year and best left for some other time? Wookey Hi Wookey, Doing the Covid restriction search was next on my todo list. I don't think you need to fear anything *FOR THE MOMENT* in France: all restrictions have been lifted, and the only place you need a covid pass is the hospital (and if you don't have one, they can test you on site). I'll soon ask my colleague for Italy (he is Italian) and let you know. Cheers, Thomas Goirand
Driving from France to Prizren: visa requirements
Hi, I probably will drive from France (next to Geneva) to Prizen, because it may be cheaper and easier this way (compared to fligh + rent a car, and since I'm planning to come with all of my family). As the Adriatic Sea side is a very nice thing to watch during the travel, I've thought about a route going like this do: France -> Milan -> Venice -> Slovania -> Coratia -> Montenegro -> Albania -> Prizren. The problem is that each country must have a different visa requirement. For me and my kids, it should be ok, but for my wife, with a Chinese passport, it should be more complicated. Do you have any idea what are the (pass over?) visa requirements for these countries? Do they deliver the visa at the border? If it's too complicated, another option is to go south in Italy, and take a boat from Bari to Durres in Albania, in which case we would only cross Albania. But we would then miss the nice Croatia sea views... Also, is there somewhere the visa requirements for Kosovo in the wiki? I couldn't find it... The page over here: https://debconf22.debconf.org/about/visas/ only lists countries that don't need visas, and points to the root of https://www.mfa-ks.net/ without even a specific URL. Finding my way on that site, I get to this URL: https://www.mfa-ks.net/en/sherbimet_konsullore/503/kush-ka-nevoj-pr-viza-t-kosovs/503 which ... doesn't work on Firefox. Then I tried with Chromium, which lead me to the following text: > Visas may be obtained from diplomatic and consular posts of Kosovo in: > > Tirana, Albania > Ambasada e Republikës së Kosovës në Tiranë > Rr. Donika Kastrioti, Vila nr 6, Tiranë > E-mail : visa...@rks-gov.net > http://www.ambasada-ks.net/al/ > > Istanbul, Turkey > Konsullata e Përgjithshme e Republikës së Kosovës në Stamboll > Vali Konağı Cad. No: 74 D 3 > Nişantaşı, İstanbul / Turkey > E-mail: visa@rks-gov.net > http://www.ambasada-ks.net/tr/ Not very helpful, we live next to Geneva. So, what does this mean? How does it work? Sorry to say thing this way, but I do expect *MORE* information from the local debconf team, and it disappoints me that I may not be the only one finding it hard to understand how all of this work... Your thoughts? Cheers, Thomas Goirand (zigo)
Re: Driving from France to Prizren: visa requirements
On 3/20/22 23:29, Enkelena Haxhiu wrote: Hi Thomas, We are in the process of making an agreement with the Ministry of Foreign Affairs so that we may send a list of people needing a visa and a copy of their documents, then they will confirm it and ask for people to send their passport via post to the embassy in Istanbul or consulate in New York. This process has not ended, this is why we have not updated the website yet. It will be known soon. Unfortunately, this is the only way we can deal with it. The Republic of Kosovo does not issue visas upon arrival, we asked about this and it is not possible. Regarding information about European countries visa requirements, you think we should have information about that? If so, then we will surfe their official websites and make a guide. Hope this is helpful. Kind regards, Enkelena Hi Enkelena, Thanks for your ultra-quick reply! :) It'd be very nice if you can do the way you describe above, indeed, for the Kosovo visas. My advice though: update the website now, and copy/past what you just explained to me, even if the deal isn't done yet. Then I did a bit more research. The following countries do not require visa for Chinese: - Albania - Bosnia & Herzegovina - Serbia (if we decide for that route instead of Croatia...) The following countries are in the Schengen area: - Slovenia - Croatia For Montenegro, they have the following rule: "Nationals of any country may visit Montenegro without a visa for up to 30 days if they hold a passport with visas issued by Ireland, a Schengen Area member state, the United Kingdom or the United States or if they are permanent residents of those countries. so as my wife has a living permit in France (Schengen area), she doesn't need a visa for Montenegro. So finally, it looks like the only annoying visa thing for us may be Kosovo only, whatever route we take, and I may organize the trip as I want! :) You may (and probably should) share the above on the website, provided you trust me and ... wikipedia. Hint: https://en.wikipedia.org/wiki/Visa_policy_of_$ helps a lot... Cheers, Thomas Goirand (zigo)
Re: Call for bids for DebConf24
Hi Matusz, On 10/29/23 00:06, matusz wrote: On rhe other hand I would think twice to organize debconf24 in other places than Haifa. There is plenty of time (9-10 months) until debconf 24 Haifa would happen. When we discussed, with a few friends, about Debconf in Israel in 2018 in Brazil (in private), I raised the concern that in this area of the world, nobody can forecast when a new episode of the conflict starts. This is a very serious security concern, which even in 2018, lead me to conclude it wasn't safe to plan for a travel in Israel. I feel very sorry that I was right ... :( Even if there's some kind of peace again, or at least, if the conflict becomes dormant once more, there's never a guarantee that it will last during Debconf. I don't think it's reasonable to take such a risk. I very much prefer if we decide *NOW* to go somewhere safer. BTW, I am, and will always be, on the side of peace. All of this is very sad, and I hope that I will see durable peace in this land before I die. Cheers, Thomas Goirand (zigo) P.S: I carefully avoided any word that may start a debate about the current event. That should, IMO, stay away from Debian. I do expect everyone else to do the same. If you want to have debates, there are other more appropriate places than the Debian project.
Re: DebConf22 bursaries for food or accommodation
On 5/17/22 19:32, gregor herrmann wrote: Cheers, gregor (just a random attendee) Gregor, Somebody like you, doing so many uploads (and RC fixing), isn't a random attendee... Thanks for all you do! Cheers, Thomas Goirand (zigo) P.S: Hopefully, we'll see each other this summer, and I'll be able to make the usual same old joke... (aren't you RC fixing?). I miss you and the rest of the so nice Perl team members!
Re: Sponsoring a Yubikey for Debian contributors during Debconf 22
On 6/1/22 11:59, Thomas Goirand wrote: Dear everyone, Like I did twice already, Infomaniak is happy to sponsor a Yubikey to every Debconf attendee that is also a Debian contributor. The rules to get a Yubikey are: - You *must* contact me privately to request your Yubikey *before* I am myself going to Prizren. I'll write your name on a list, and check for it during Debconf. You will have to find me and ask me when on site (do not be shy, I don't bite...). I forgot to write: please let me know in your message if you're a DD or a DM (or none of that) so I can write it down. Cheers, Thomas Goirand (zigo)
Sponsoring a Yubikey for Debian contributors during Debconf 22
Dear everyone, Like I did twice already, Infomaniak is happy to sponsor a Yubikey to every Debconf attendee that is also a Debian contributor. The rules to get a Yubikey are: - You *must* contact me privately to request your Yubikey *before* I am myself going to Prizren. I'll write your name on a list, and check for it during Debconf. You will have to find me and ask me when on site (do not be shy, I don't bite...). - You must have contributed to Debian over the last 5 years (it doesn't have to be packaging, for example some translation or website content is also ok). - You should not ask for a Yubikey if you already had one from Infomaniak already (except if the one we gave you is broken). - You must attend Debconf in person yourself, or one of your relative. So if someone from your country is going, it's ok if he/she takes the Yubikey for you. The reason is: we will *not* organize shipping (please don't ask, we really will not do shipping). - You do agree that I keep your name + email address on my list (which I wont share with anyone, it's just to make sure people don't request for a Yubikey twice). Requesters with their key in the keyring (ie: DDs / DMs) will have priority, as there is a limited amount of keys available, however every times I did it, there was enough for everyone, so feel free to ask for a Yubikey even if you're not a DD/DM. Note that I gave a quick tutorial on how to use the Yubikey 3 years ago in Debconf Brazil, and the video is available online [1]. If you have questions about this that isn't answered in the video recording, I will be happy to help during Debconf (I am the keymaster of Infomaniak, and help every new employe create keys, so I do have some training using GPG and a Yubikey). Also note that the Yubikey is a version 4, USB A, printed with the Infomaniak logo on it. We found this model the most resistant (it can even go to the washing machine, but you must make sure you don't bend it too hard). Cheers, Thomas Goirand (zigo) [1] https://meetings-archive.debian.net/pub/debian-meetings/2019/DebConf19/yubikey-hands-on-how-to-create-store-and.webm
Re: DebCamp activities
On 7/6/22 22:58, Anastasios Lisgaras wrote: On 7/6/22 19:31, Enkelena Haxhiu wrote: If there are interested people, I can also organize a basic course on Linux Commands, based on this: https://ocw.fs.al/course/view.php?id=23 <https://ocw.fs.al/course/view.php?id=23> It is not quite related to Debian, but it should be good enough for beginners. It is better to create an event somewhere, where people can register, so that we can have an idea about how many people could participate, to notify them about the meeting times, etc.. We can also talk privately about the organization details, if these proposals seem interesting. Regards, Dashamir Nice idea, if you want help, ping me, I will be happy if I am able to help. I think it would be a nice idea to have an organized presentation somewhere with collected material. Just so we know where it's better to start and what not to forget to mention. If you do it after Wednesday (that's when I arrive), then maybe my kids will be interested. I can translate (in real time) to them what you say, if you think that works. Cheers, Thomas Goirand (zigo)